修复 bug

CODE/smart-community/zuul/src/main/java/com/community/huiju/constant/RequestURI.java

@@ -6,11 +6,11 @@ package com.community.huiju.constant;
  */
 public enum RequestURI {
 
-    APP_API("/app-api", "APP端请求路径"),
+    APP_API("/app-api/**", "APP端请求路径"),
 
-    OPERATE_API("/operate-api", "运营端请求路径"),
+    OPERATE_API("/operate-api/**", "运营端请求路径"),
 
-    PROPERTY_API("/property-api", "物业端请求路径");
+    PROPERTY_API("/property-api/**", "物业端请求路径");
 
 
     RequestURI(String url, String comment) {

CODE/smart-community/zuul/src/main/java/com/community/huiju/filter/DomainZuulPostFilter.java

@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse;
  * 拦截Token
  * @author weiximei
  */
-@Component
+//@Component
 @Slf4j
 public class DomainZuulPostFilter extends ZuulFilter {
 

CODE/smart-community/zuul/src/main/java/com/community/huiju/security/RestPreAuthenticateProvider.java

@@ -2,12 +2,15 @@ package com.community.huiju.security;
 
 import com.community.commom.constant.Constant;
 import com.community.huiju.exception.WisdomSecurityException;
+import com.community.huiju.service.IRoleService;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
 
+import javax.servlet.http.HttpServletRequest;
 import java.util.Collection;
 import java.util.List;
 
@@ -16,12 +19,17 @@ import java.util.List;
  *
  * @author weiximei
  */
+@Slf4j
 public class RestPreAuthenticateProvider implements AuthenticationProvider {
 
+   private HttpServletRequest request;
+
+   private IRoleService iRoleService;
+
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 
-
+        log.info("provider session: {}", request.getSession().getId());
         TokenAuthrentication tokenAuthrentication = (TokenAuthrentication) authentication.getPrincipal();
         if (null != tokenAuthrentication) {
             Collection<GrantedAuthority> grantedAuthorityList = tokenAuthrentication.getAuthorities();
@@ -31,7 +39,8 @@ public class RestPreAuthenticateProvider implements AuthenticationProvider {
                     tokenAuthrentication.setAuthenticated(false);
                     return tokenAuthrentication;
                 }
-                tokenAuthrentication.setAuthenticated(true);
+                boolean hasPermission = iRoleService.hasPermission(request);
+                tokenAuthrentication.setAuthenticated(hasPermission);
                 return tokenAuthrentication;
             }
 
@@ -52,4 +61,9 @@ public class RestPreAuthenticateProvider implements AuthenticationProvider {
         return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(authentication)
                 || TokenAuthrentication.class.isAssignableFrom(authentication);
     }
+
+    public RestPreAuthenticateProvider(HttpServletRequest request, IRoleService iRoleService) {
+        this.request = request;
+        this.iRoleService = iRoleService;
+    }
 }

CODE/smart-community/zuul/src/main/java/com/community/huiju/security/WisdomSecurityConfig.java

@@ -13,6 +13,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
 
+import javax.servlet.http.HttpServletRequest;
 import java.util.Arrays;
 
 /**
@@ -29,6 +30,9 @@ public class WisdomSecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
     private SecurityParametes parametes;
 
+    @Autowired
+    private HttpServletRequest request;
+
     /**
      * 配置预授权
      * @return
@@ -49,12 +53,10 @@ public class WisdomSecurityConfig extends WebSecurityConfigurerAdapter {
     protected void configure(HttpSecurity http) throws Exception {
 
         http.csrf().disable();
-        http.authenticationProvider(new RestPreAuthenticateProvider())
+        http.authenticationProvider(new RestPreAuthenticateProvider(request, iRoleService))
                 .authorizeRequests()
                 .antMatchers(parametes.getNoneSercurityPath().toArray(new String[parametes.getNoneSercurityPath().size()])).permitAll() // 不要授权
-                .anyRequest()
-                .access("@iRoleService.hasPermission(httpServletRequest)")// 任何请求需要授权
-                .anyRequest()
+                .anyRequest()// 任何请求需要授权
                 .authenticated() // 需要一个身份
 //                .antMatchers(parametes.getAppSercurityPath().get(0).split("=")[1]).hasRole(parametes.getAppSercurityPath().get(0).split("=")[0])
 //                .antMatchers(parametes.getAppSercurityPath().get(1).split("=")[1]).hasRole(parametes.getAppSercurityPath().get(1).split("=")[0])

CODE/smart-community/zuul/src/main/java/com/community/huiju/service/impl/RoleService.java

@@ -113,20 +113,20 @@ public class RoleService  extends BaseController implements IRoleService {
         String token = request.getHeader(Header.REQUEST_X_AUTH_TOKEN.getValue());
         log.info("获取的token: {}", token);
 
-        if (requestURI.indexOf(RequestURI.APP_API.getUrl()) != -1) {
+        if (antPathMatcher.match(RequestURI.APP_API.getUrl(), requestURI)) {
             UserElement appElement = (UserElement) request.getSession().getAttribute(Constant.APP_USER_SESSION);
             if (null != appElement) {
                 // 这里先默认放行
                 hasPermission = true;
             }
 
-        } else if (requestURI.indexOf(RequestURI.OPERATE_API.getUrl()) != -1) {
+        } else if (antPathMatcher.match(RequestURI.OPERATE_API.getUrl(), requestURI)) {
             UserElement webOperateElement = (UserElement) request.getSession().getAttribute(Constant.WEB_USER_SESSION);
             if (null != webOperateElement) {
                 List<RoleDTO> roleDTOS = getWebOperateUserRoleByUserId(webOperateElement.getId());
                 hasPermission = hasMenuUrl(roleDTOS, RequestURI.OPERATE_API.getUrl(), requestURI);
             }
-        } else if (requestURI.indexOf(RequestURI.PROPERTY_API.getUrl()) != -1) {
+        } else if (antPathMatcher.match(RequestURI.PROPERTY_API.getUrl(), requestURI)) {
             UserElement webPropertyElement = (UserElement) request.getSession().getAttribute(Constant.WEB_USER_SESSION);
             if (null != webPropertyElement) {
                 List<RoleDTO> roleDTOS = getWebPropertyUserRoleUserId(webPropertyElement.getId());
@@ -149,9 +149,9 @@ public class RoleService  extends BaseController implements IRoleService {
         boolean hasMenuUrl = false;
         for (RoleDTO role : roleDTOS) {
             // 是 物业端/运营端/APP端
-            List<MenuDTO> urlList = RequestURI.OPERATE_API.getUrl().equals(apiUrl)
-                    ? getWebOperateMenuUrlByRoleId(role.getId()) : RequestURI.PROPERTY_API.getUrl().equals(apiUrl)
-                    ? getWebPropertyMenuUrlRoleId(role.getId())  : RequestURI.APP_API.getUrl().equals(apiUrl)
+            List<MenuDTO> urlList = antPathMatcher.match(RequestURI.OPERATE_API.getUrl(), requestURI)
+                    ? getWebOperateMenuUrlByRoleId(role.getId()) : antPathMatcher.match(RequestURI.PROPERTY_API.getUrl(), requestURI)
+                    ? getWebPropertyMenuUrlRoleId(role.getId())  : antPathMatcher.match(RequestURI.APP_API.getUrl(), requestURI)
                     ? Collections.EMPTY_LIST : Collections.EMPTY_LIST;
 
             for (MenuDTO menu : urlList) {